and paste the output here? /path/to/cert.pem is the file containing
the cert which has the Subject DN:
CN=myldap.mydom.fr,OU=myou,O=myorg,L=myloc,ST=myst,C=FR

Is this the server cert of the remote server (i.e. not the syncrepl
client).

This is the certificate defined as my main LDAP server's certificate
(used to enable ldaps connection).
It is not the syncrepl provider's certificate, nor a certificate
intended to be used to authenticate my main LDAP server to the provider.

Be sure to obscure any sensitive data in the -text output before
sending.

Here's the certificate with identication fields modified, though a
public certificate shouldn't contain such critical data (I wouldn't
have sent my private key though ;-) ).

What is interresting here, I think is the "TLS Web Server
Authentication, Code Signing" value for the "X509v3 Extended Key
Usage" extension. This means that the certificate is not to be used as
a client authentication certificate, so syncrepl is right in stating
that the SSL connection can't be established. Though the question is,
why on earth is my server trying to use my Server's certificate as a
client certificate while connecting to the syncrepl ldaps provider! It
should instead only check the provider's Server certificate and then
binds using the provided credential to authenticate to the provider.

I think what is happening is that the syncrepl crypto context is
"inheriting" from the main server crypto context. You want it to
"inherit" the CA certificate from the main crypto context but not the
server certificate. Please open an ITS for this. I'll have to figure
out how this was working in openssl.